CVE-2006-4777
8 High
AI Score
Confidence
Low
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.9%
Heap-based buffer overflow in the DirectAnimation Path Control (DirectAnimation.PathControl) COM object (daxctle.ocx) for Internet Explorer 6.0 SP1, on Chinese and possibly other Windows distributions, allows remote attackers to execute arbitrary code via unknown manipulations in arguments to the KeyFrame method, possibly related to an integer overflow, as demonstrated by daxctle2, and a different vulnerability than CVE-2006-4446.
| CPE | Name | Operator | Version |
|---|---|---|---|
| microsoft:ie | microsoft ie | eq | 6.0 |
References
secunia.com/advisories/21910
securityreason.com/securityalert/1577
securitytracker.com/id?1016854
www.kb.cert.org/vuls/id/377369
www.microsoft.com/technet/security/advisory/925444.mspx
www.osvdb.org/28842
www.securityfocus.com/archive/1/445898/100/0/threaded
www.securityfocus.com/archive/1/446065/100/0/threaded
www.securityfocus.com/archive/1/446084/100/0/threaded
www.securityfocus.com/archive/1/446085/100/0/threaded
www.securityfocus.com/archive/1/446246/100/0/threaded
www.securityfocus.com/bid/20047
www.us-cert.gov/cas/techalerts/TA06-318A.html
www.vupen.com/english/advisories/2006/3593
www.xsec.org/index.php?module=releases&act=view&type=2&id=20
docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-067
exchange.xforce.ibmcloud.com/vulnerabilities/28942
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1103
Related
8 High
AI Score
Confidence
Low
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.973 High
EPSS
Percentile
99.9%